Forums front page is full of spam which has been posted several hours ago, making it look like an abandoned site.
Its not like all forums on internet face such spam, if they cannot make the registration/forum posting process better, they can at least get some volunteer moderators to help. I’m sure many users will be ready to do that for free. Please do something.
Firefox is throwing this warning on all pages on themeforest
I cannot login, it says incorrect password but it is not. Is anyone else facing difficulties to login?
IMO, this is pointless. As you see _e only echoes, it doesn’t do anything else. So if an attacker just want to ECHO anything why would he even need to target _e or php echo function? Why dont you just inject anything in the html?
Also check the Wordpress.org themes directory and see how many themese use esc_html_e instead of _e for the translation strings.
That script will execute when that page is loaded. BAD!Using esc_html_e instead:<span><?php esc_html_('Written by:', 'virtuti'); ?> <?php the_author(); ?></span>
There’s not even a single reference of that in the WordPress official codex, neither I could find any other link which tells that using _e is unsafe. Could you refer to some documentation?